Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/cfbX6ijHwY1ZUJZ12vp58Blt3Es.roa
File: cfbX6ijHwY1ZUJZ12vp58Blt3Es.roa (raw, json)
Hash identifier: lTm+YV/v+XBFpFOaRaWWDpglZgm/yac2iSOyj/0oykE=
Subject key identifier: 71:F6:D7:EA:28:C7:C1:8D:59:50:96:75:DA:FA:79:F0:19:6D:DC:4B
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 013DDBD9
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/cfbX6ijHwY1ZUJZ12vp58Blt3Es.roa
Signing time: Sat 01 Jan 2022 13:05:36 +0000
ROA not before: Sat 01 Jan 2022 13:05:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 87.236.165.0/24 maxlen: 32
45.150.225.0/24 maxlen: 32
45.150.224.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20831193 (0x13ddbd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 1 13:05:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71f6d7ea28c7c18d59509675dafa79f0196ddc4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ee:83:a7:d9:60:e7:5e:9c:c0:32:67:fc:fb:
c3:54:3b:f4:31:d1:42:70:60:76:47:97:bb:67:e3:
02:b3:d0:03:9e:0a:1c:a2:5d:45:a7:6c:cf:f0:8e:
ff:16:03:0a:c9:af:2e:fa:61:d5:0d:4f:3b:98:de:
9a:fc:14:48:e2:ac:8c:dd:55:10:ef:c9:73:2e:9b:
cf:70:22:85:5b:da:45:b9:66:fb:9a:0d:21:cc:8a:
bf:08:b0:f0:78:59:31:42:00:e5:40:8b:d0:fe:38:
a8:b7:1a:9a:a6:81:a9:7e:a5:4f:14:a8:1a:e1:3f:
19:48:a9:b8:3b:51:18:73:20:4b:e6:99:06:d1:0d:
83:c3:61:57:1b:78:cf:54:b0:ea:6b:07:f6:97:00:
45:63:27:30:45:9a:91:3e:a6:3f:3c:0b:aa:fb:dd:
82:24:92:39:94:9a:02:23:af:6c:18:a4:b2:76:4e:
48:a9:6b:7d:18:61:7a:23:36:0f:8d:27:03:96:bb:
58:5b:69:63:de:e5:7f:1f:00:a2:d3:bc:2c:93:6b:
b3:13:8b:2e:a1:c2:73:78:61:3a:97:9d:0c:83:e9:
03:96:03:04:99:59:3b:36:81:73:3f:64:41:10:43:
26:43:db:b7:f9:36:35:17:0f:cf:fe:58:ba:f6:73:
8e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F6:D7:EA:28:C7:C1:8D:59:50:96:75:DA:FA:79:F0:19:6D:DC:4B
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/cfbX6ijHwY1ZUJZ12vp58Blt3Es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.224.0/23
87.236.165.0/24
Signature Algorithm: sha256WithRSAEncryption
74:c4:49:ee:a1:78:4d:25:a9:08:5f:b3:48:a6:ff:c4:54:9f:
4f:6f:34:e7:84:06:c2:0b:b7:a4:03:56:9e:0f:66:bd:4a:2c:
87:ee:b0:80:b5:29:98:b3:c4:78:25:47:a0:ce:03:b0:d0:16:
2b:a8:0d:df:d8:f3:94:fb:6e:de:32:8b:7a:a2:c5:cf:71:aa:
0a:d1:44:8b:b7:28:64:89:96:e9:2f:02:6d:f2:e7:3c:a7:c2:
1b:af:3d:04:4f:92:4f:5a:9f:0f:86:4b:18:80:9b:ad:13:ac:
dd:44:20:40:62:01:9e:22:49:18:3b:5b:41:34:6a:9b:86:1d:
3b:78:ec:b6:1d:74:17:56:b9:29:7c:0f:a3:be:47:f2:23:5c:
93:6c:84:6c:4d:e1:5c:8a:15:82:fe:92:90:cf:19:71:55:c1:
d6:fc:d9:ba:3b:ca:ad:57:51:a1:be:bb:36:d5:82:c7:d0:45:
5d:5d:b0:7d:f8:cc:cf:5b:52:27:42:62:16:05:f2:34:7f:ef:
8b:4c:d8:f0:7e:79:9d:2b:ed:bd:22:d8:71:1a:a8:d2:d9:d2:
e0:f4:7e:ef:16:0d:2b:fd:d7:58:ba:ab:c2:a9:1a:2a:62:15:
ee:5f:8c:99:9c:a2:f4:18:67:aa:1a:6c:ea:41:22:27:4e:3b:
d6:53:9c:4e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAT3b2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZGI2N2M1YzdmYTdmZTI0OTJlZWMzN2NmNDI3NjQyYjcxZDQyNWIwMB4XDTIyMDEw
MTEzMDUzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzFmNmQ3ZWEyOGM3
YzE4ZDU5NTA5Njc1ZGFmYTc5ZjAxOTZkZGM0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLug6fZYOdenMAyZ/z7w1Q79DHRQnBgdkeXu2fjArPQA54K
HKJdRadsz/CO/xYDCsmvLvph1Q1PO5jemvwUSOKsjN1VEO/Jcy6bz3AihVvaRblm
+5oNIcyKvwiw8HhZMUIA5UCL0P44qLcamqaBqX6lTxSoGuE/GUipuDtRGHMgS+aZ
BtENg8NhVxt4z1Sw6msH9pcARWMnMEWakT6mPzwLqvvdgiSSOZSaAiOvbBiksnZO
SKlrfRhheiM2D40nA5a7WFtpY97lfx8AotO8LJNrsxOLLqHCc3hhOpedDIPpA5YD
BJlZOzaBcz9kQRBDJkPbt/k2NRcPz/5YuvZzjtsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRx9tfqKMfBjVlQlnXa+nnwGW3cSzAfBgNVHSMEGDAWgBQNtnxcf6f+JJLu
w3z0J2QrcdQlsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RiWjhYSC1uX2lTUzdzTjg5Q2RrSzNIVUpiQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvMGYzNzU3LWYwZWQtNGU3ZS05MzI5LWIwM2RmOTk2ZTQ4MS8x
L2NmYlg2aWpId1kxWlVKWjEydnA1OEJsdDNFcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
MGYzNzU3LWYwZWQtNGU3ZS05MzI5LWIwM2RmOTk2ZTQ4MS8xL0RiWjhYSC1uX2lT
UzdzTjg5Q2RrSzNIVUpiQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAS2W4AMEAFfspTANBgkqhkiG9w0B
AQsFAAOCAQEAdMRJ7qF4TSWpCF+zSKb/xFSfT28054QGwgu3pANWng9mvUosh+6w
gLUpmLPEeCVHoM4DsNAWK6gN39jzlPtu3jKLeqLFz3GqCtFEi7coZImW6S8CbfLn
PKfCG689BE+ST1qfD4ZLGICbrROs3UQgQGIBniJJGDtbQTRqm4YdO3jsth10F1a5
KXwPo75H8iNck2yEbE3hXIoVgv6SkM8ZcVXB1vzZujvKrVdRob67NtWCx9BFXV2w
ffjMz1tSJ0JiFgXyNH/vi0zY8H55nSvtvSLYcRqo0tnS4PR+7xYNK/3XWLqrwqka
KmIV7l+MmZyi9Bhnqhps6kEiJ0471lOcTg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:55 2023 by rpki-client on console-fra.rpki-client.org